Key Types

e-ignite:
Communicate Securely

Enigmail offers two options for a key type when generating
a new Key Pair. These options are DSA/El Gamal and RSA. The types are
quite different and their diferent properties are explained below. The
type of key you create is also impacted on what Secure Hash Algorithm
(SHA) you want to use for signing email.

DSA/El Gamal Keys:
DSA
keys are used for signing email (DSA: Digital Signnature Algorithm) and
use a 160bit Secure Hash Algorithm. If you select a DSA key pair, you
will get a DSA key that is 1024bits for signing email and an El Gamal
key that is whatever key size you specified for encryptiong your email.
The El Gamal encryption key is a subkey to the DSA key. If you are
interested in using this key type, I recommend that you read the
Wikipedia pages on DSA
and El
Gamal.

RSA Keys:
RSA
Keys can be used to sign and encrypt email. This has its
advantages in
that public key sizes are kept small, and RSA is widely accepted to be
faster at encryption and decryption. Crucially, RSA keys
support
larger SHA sizes including the most modern SHA256 and SHA512.
RSA keys
can be configured to sign only or encrypt only when used as a subkey,
but in order to set this up, you would need to use the GnuPG command
line. If you are interested, the Wikipedia page on RSA is an
informative read, but I would urge you to read the section on SHA Signing Algorithms before you
decide which key type to choose.

SHA Signing Algorithms:
SHA
(Secure Hash Algorithms) are used when signing an email with
OpenPGP.
Enigmail supports the use of SHA1 to SHA512 and RIPEMD160. SHA1 and
RIPEMD160 are both 160bit algorithms, and either one of these must be
used if you have a DSA/El Gamal key unless you enable DSA2 (see below).
DSA keys are only used for signing your mail, where El Gamal is used to
encrypt it. However, a DSA key can only be 1024bits - the key
size you
specify when generating a DSA/El Gamal key pair only applies to the
encryption key itself. Because of this limitation, I recommend that you
use an RSA key with a more secure (at least SHA256) algorithm for mail
signing.

SHA,
the original Secure Hash Algorithm was found to have a weakness where
it did not perform well when attacked by computer cryptanalysis. The
original SHA (known as SHA0 to differentiate) was replaced by the
American National Security Agency in 1995 with SHA1. SHA1 has been
subjected to cryptanalysis more recently, and was found to have a much
less severe weakness. The full details can be read here,
however it is generally accepted in the cryptography community that
SHA1 is no longer fully secure and it is recommended that you do not
use it where possible. These weaknesses do not necessarily
mean that
SHA0 and SHA1 have been broken, but they prove that they are not as
strong as the amount of bits used in the key would suggest.
If you
have to use a 160bit Signing Algorithm because of your key type, I
would recommend that you use RIPEMD160 - however, a better option would
be to update your GnuPG installation and enable DSA2.

However,
if you use an RSA key for signing your email, I would suggest that you
use SHA256. Although SHA512 is technically stronger, it has
the same
problem as PGP/MIME
in that it is not supported by all email clients. SHA256 is a secure
signing algorithm and does not have any of the published weaknesses
that SHA0 and SHA1 suffered from. However, where it's
possible for you
to use SHA512 (eg. you know all your recepients use Thunderbird with
Enigmail and OpenPGP) then this is the most secure option.

The
latest versions of Enigmail select the SHA algorithm for you
automatically - if you have an RSA key, SHA256 is selected by default.
To change this, you need to alter the GnuPG settings and Enigmail's
settings. For instructions on this, see the FAQ page.

DSA2:
A comparitively recent development in the newest versions of GnuPG is
the
ability to use DSA2. DSA2 allows you to use more secure SHA
types with
a DSA key. Previously, DSA keys only supported 160bit hash
algorithms.
DSA2 now enables you to use SHA224 (a newly developed secure hash
algorithm) and SHA256. You do not have to "generate" a DSA2
key - DSA2
is a truncated hash function which allows an existing DSA key to use
larger Hash Algorithms.

The
DSA2 option may not be available to you by default when using Enigmail
(although it is actually a GnuPG option, not an Enigmail option). To
enable DSA2 which will allow you to use SHA256 with a DSA key for
example, you will need to perform either of the following steps (not
both!):

1) In Thunderbird, hit OpenPGP > PREFERENCES and type
"--enable-dsa2" in the box marked Additional parameters for GnuPG.
2) Open your GnuPG home directory (usually C:\Documents and
Settings\<user>\Application Data\GnuPG) and open the file
gpg.conf in Notepad. Underneath Comment"" add a new line and type
"--enable-dsa2" then save the file.

Option 1 - Enable DSA2 in Enigmail

If
you use option 2 above, the settings will apply to GnuPG globally, so
if you use it with other programs such as WinPT etc, the changes will
apply there too. If you use the option within Enigmail, it will only
apply to Enigmail. Option 1 is probably the best option if you only use
GnuPG for email encryption in Thunderbird.

SHA224
is a relatively new signing algorithm, and support for it in GnuPG came
about the same time as DSA2 support. Many people believe that
you have
to use SHA224 with DSA2, but this is not true. DSA2 supports
the more
mature (ie. "tried and tested") SHA256 which is arguably more secure
because of its larger bit-size.